vagrant/plugins/commands/login/middleware/add_authentication.rb

require "cgi"
require "uri"

require_relative "../client"

module VagrantPlugins
  module LoginCommand
    class AddAuthentication
      VCLOUD = "vagrantcloud.com".freeze
      ATLAS  = "atlas.hashicorp.com".freeze

      def initialize(app, env)
        @app = app
      end

      def call(env)
        client = Client.new(env[:env])
        token  = client.token

        if token && Vagrant.server_url
          server_uri = URI.parse(Vagrant.server_url)

          env[:box_urls].map! do |url|
            u = URI.parse(url)
            replace = u.host == server_uri.host

            if !replace
              # We need this in here for the transition we made from
              # Vagrant Cloud to Atlas. This preserves access tokens
              # appending to both without leaking access tokens to
              # unsavory URLs.
              if (u.host == VCLOUD && server_uri.host == ATLAS) ||
                  (u.host == ATLAS && server_uri.host == VCLOUD)
                replace = true
              end
            end

            if replace
              q = CGI.parse(u.query || "")

              current = q["access_token"]
              if current && current.empty?
                q["access_token"] = token
              end

              u.query = URI.encode_www_form(q)
            end

            u.to_s
          end
        end

        @app.call(env)
      end
    end
  end
end
Only append access_token the first time This fixes GH-6395 by only appending the access_token once. It also fixes a bug that was never reported. If a user supplied an access_token for a box URL, Vagrant would silently overwrite it. After this commit, Vagrant only appends an access_token to the URL if no value exists at the key. 2015-11-18 18:43:29 +00:00			`require "cgi"`
Add vagrant-login to core ;) 2014-12-09 01:42:00 +00:00			`require "uri"`

			`require_relative "../client"`

			`module VagrantPlugins`
			`module LoginCommand`
			`class AddAuthentication`
Only append access_token the first time This fixes GH-6395 by only appending the access_token once. It also fixes a bug that was never reported. If a user supplied an access_token for a box URL, Vagrant would silently overwrite it. After this commit, Vagrant only appends an access_token to the URL if no value exists at the key. 2015-11-18 18:43:29 +00:00			`VCLOUD = "vagrantcloud.com".freeze`
			`ATLAS = "atlas.hashicorp.com".freeze`

Add vagrant-login to core ;) 2014-12-09 01:42:00 +00:00			`def initialize(app, env)`
			`@app = app`
			`end`

			`def call(env)`
			`client = Client.new(env[:env])`
			`token = client.token`

			`if token && Vagrant.server_url`
			`server_uri = URI.parse(Vagrant.server_url)`

			`env[:box_urls].map! do \|url\|`
			`u = URI.parse(url)`
commands/login: append access token to vagrantcloud => atlas URLs 2014-12-12 22:53:05 +00:00			`replace = u.host == server_uri.host`
Only append access_token the first time This fixes GH-6395 by only appending the access_token once. It also fixes a bug that was never reported. If a user supplied an access_token for a box URL, Vagrant would silently overwrite it. After this commit, Vagrant only appends an access_token to the URL if no value exists at the key. 2015-11-18 18:43:29 +00:00
commands/login: append access token to vagrantcloud => atlas URLs 2014-12-12 22:53:05 +00:00			`if !replace`
			`# We need this in here for the transition we made from`
			`# Vagrant Cloud to Atlas. This preserves access tokens`
			`# appending to both without leaking access tokens to`
			`# unsavory URLs.`
Convert atlas references to vagrant cloud 2017-05-22 16:42:31 +00:00			`if (u.host == VCLOUD && server_uri.host == ATLAS) \|\|`
			`(u.host == ATLAS && server_uri.host == VCLOUD)`
Only append access_token the first time This fixes GH-6395 by only appending the access_token once. It also fixes a bug that was never reported. If a user supplied an access_token for a box URL, Vagrant would silently overwrite it. After this commit, Vagrant only appends an access_token to the URL if no value exists at the key. 2015-11-18 18:43:29 +00:00			`replace = true`
			`end`
commands/login: append access token to vagrantcloud => atlas URLs 2014-12-12 22:53:05 +00:00			`end`

			`if replace`
Only append access_token the first time This fixes GH-6395 by only appending the access_token once. It also fixes a bug that was never reported. If a user supplied an access_token for a box URL, Vagrant would silently overwrite it. After this commit, Vagrant only appends an access_token to the URL if no value exists at the key. 2015-11-18 18:43:29 +00:00			`q = CGI.parse(u.query \|\| "")`

			`current = q["access_token"]`
			`if current && current.empty?`
			`q["access_token"] = token`
			`end`

			`u.query = URI.encode_www_form(q)`
Add vagrant-login to core ;) 2014-12-09 01:42:00 +00:00			`end`

			`u.to_s`
			`end`
			`end`

			`@app.call(env)`
			`end`
			`end`
			`end`
			`end`